package com.nnnu.wsnackshop.controller.admin;


import com.nnnu.wsnackshop.constant.MessageConstants;
import com.nnnu.wsnackshop.pojo.dto.AddPermissionDTO;
import com.nnnu.wsnackshop.pojo.dto.PermissionPageDTO;
import com.nnnu.wsnackshop.pojo.dto.UpdatePermissionDTO;
import com.nnnu.wsnackshop.pojo.vo.PermissionVO;
import com.nnnu.wsnackshop.result.Result;
import com.nnnu.wsnackshop.service.IPermissionsService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springdoc.core.annotations.ParameterObject;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * <p>
 * 权限表 前端控制器
 * </p>
 *
 * @author zk
 * @since 2025-05-14
 */
@RestController("adminPermissionsController")
@RequestMapping("/api/admin/permissions")
@Slf4j
@RequiredArgsConstructor
@Validated
@Tag(name = "管理端权限接口")
public class PermissionsController {
    private final IPermissionsService permissionsService;

    @Operation(summary = "分页查询权限", description = "superAdmin 或 admin 且拥有 permission:read 权限可访问")
    @GetMapping
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("permission:read")
    public Result<?> pagePermissions(@Validated @ParameterObject PermissionPageDTO dto) {
        log.info("分页查询权限：{}", dto);
        return Result.success(permissionsService.pagePermissions(dto), MessageConstants.SELECT_OK);
    }

    @Operation(summary = "获取权限详情", description = "superAdmin 或 admin 且拥有 permission:read 权限可访问")
    @GetMapping("/{id}")
    @RequiresRoles(value = {"superAdmin", "admin"}, logical = Logical.OR)
    @RequiresPermissions("permission:read")
    public Result<PermissionVO> getPermission(@PathVariable @Parameter(description = "权限ID", in = ParameterIn.PATH) Long id) {
        log.info("获取权限详情：{}", id);
        return Result.success(permissionsService.getPermissionDetail(id), MessageConstants.SELECT_OK);
    }

    @Operation(summary = "管理员创建权限", description = "仅 superAdmin 且拥有 permission:create 权限可访问")
    @PostMapping
    @RequiresRoles("superAdmin")
    @RequiresPermissions("permission:create")
    public Result<Void> createPermission(@Valid @RequestBody @Parameter(description = "权限信息") AddPermissionDTO dto) {
        log.info("管理员创建权限：{}", dto);
        permissionsService.createPermission(dto);
        return Result.success(MessageConstants.ADD_OK);
    }

    @Operation(summary = "更新权限", description = "仅 superAdmin 且拥有 permission:update 权限可访问")
    @PutMapping
    @RequiresRoles("superAdmin")
    @RequiresPermissions("permission:update")
    public Result<Void> updatePermission(@Valid @RequestBody @Parameter(description = "更新权限信息") UpdatePermissionDTO dto) {
        log.info("管理员更新权限：{}", dto);
        permissionsService.updatePermission(dto);
        return Result.success(MessageConstants.OPERATION_SUCCESSFUL);
    }

    @Operation(summary = "批量删除权限", description = "仅 superAdmin 且拥有 permission:delete 权限可访问")
    @DeleteMapping
    @RequiresRoles("superAdmin")
    @RequiresPermissions("permission:delete")
    public Result<Void> deletePermissions(@Valid @RequestParam @Parameter(description = "要删除的权限ID列表", in = ParameterIn.QUERY) List<Long> ids) {
        log.info("管理员批量删除权限：ids={}", ids);
        permissionsService.deletePermissions(ids);
        return Result.success(MessageConstants.OPERATION_SUCCESSFUL);
    }
}

